What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-09-24 11:00:19 | Port of Houston Target of Suspected Nation-State Hack (lien direct) | A major U.S. port was the target last month of suspected nation-state hackers, according to officials. The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.” | Hack | ||
|
2021-09-24 10:24:16 | F5 to Acquire Threat Stack for $68 Million in Cash (lien direct) | Cloud application and security solutions provider F5 this week announced that it has agreed to acquire threat detection firm Threat Stack for $68 million in cash. Threat Stack provides a platform that monitors cloud, hybrid cloud, multi-cloud, and containerized environments, and can automatically correlate events to identify suspicious activity. | Threat | ||
|
2021-09-24 09:30:06 | Working Securely From Anywhere With Zero Trust (lien direct) | Over the past year, two things have become clear. First, the network infrastructure organizations need to operate in today's increasingly digital world will continue to evolve. And second, rather than “returning to normal,” the future will be even more fragmented than ever. Users will need faster access to a growing number of applications and resources deployed across an increasingly distributed infrastructure. Those applications will continue to deliver richer and more complex data. | |||
|
2021-09-23 20:39:09 | Apple Confirms New Zero-Day Attacks on Older iPhones (lien direct) | Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform. | Vulnerability | ||
|
2021-09-23 18:09:00 | Improving Security Posture to Lower Insurance Premiums (lien direct) | Cyber insurance is a new branch of an old industry. That industry has centuries of experience in insuring shipping and a hundred or more years of insuring motor cars -- but only a few decades of cyber knowledge. It has comparatively little knowledge of either cyber risk or the financial insurance risk – and nobody yet knows where this new journey will take it. | |||
|
2021-09-23 17:39:21 | Web Security Provider Jscrambler Raises $15 Million (lien direct) | Client-side web security provider Jscrambler on Thursday announced that a $15 million Series A financing round led by Ace Capital Partners. Existing investors Sonae IM and Portugal Ventures also participated. | |||
|
2021-09-23 15:21:02 | Report: Suspected Chinese Hack Targets Indian Media, Gov\'t (lien direct) | A U.S.-based private cybersecurity company said Wednesday it has uncovered evidence that an Indian media conglomerate, a police department and the agency responsible for the country's national identification database have been hacked, likely by a state-sponsored Chinese group. | Hack | ||
|
2021-09-23 14:47:31 | Apple Deprecates Outdated TLS Protocols in iOS, macOS (lien direct) | Apple this week announced that it has deprecated the Transport Layer Security (TLS) 1.0 and 1.1 legacy encryption protocols from the latest iterations of its mobile and desktop platforms. Critical for the security of web traffic, TLS ensures the confidentiality and integrity of data being transmitted between servers and clients. | |||
|
2021-09-23 14:05:05 | Third-Party Risk Management Firm Panorays Raises $42 Million (lien direct) | Third-party risk management solutions provider Panorays on Thursday announced raising $42 million in a Series B funding round. | |||
|
2021-09-23 13:32:29 | Cisco Patches Critical Vulnerabilities in IOS XE Software (lien direct) | Cisco this week announced the availability of patches for a series of critical vulnerabilities in IOS XE software that could be exploited to execute arbitrary code remotely, cause denial of service, or manipulate device configuration. | |||
|
2021-09-23 12:42:18 | VMware vCenter Servers in Hacker Crosshairs After Disclosure of New Flaw (lien direct) | The internet is already being scanned for VMware vCenter servers affected by CVE-2021-22005, a critical vulnerability for which the virtualization giant announced patches just a couple of days ago. | Vulnerability | ||
|
2021-09-23 11:35:57 | Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day (lien direct) | Threat actors have targeted Russian government organizations with malicious documents designed to exploit the recently patched MSHTML zero-day flaw in Microsoft Office, security researchers with Malwarebytes reveal. | |||
|
2021-09-23 11:12:13 | Facebook Ad Business Hit by New Apple Privacy Rules (lien direct) | Facebook said Wednesday that Apple's iPhone privacy changes, which allow users to block tracking, significantly affected its advertising revenues because less data could be collected. | |||
|
2021-09-23 10:38:46 | U.S. Issues Conti Alert as Second Farming Cooperative Hit by Ransomware (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have issued a joint alert to warn organizations about an increase in cyberattacks involving the Conti ransomware. The alert comes just as another major farming cooperative confirmed being hit by ransomware. | Ransomware | ||
|
2021-09-22 21:37:24 | Lithuanian Agency Warns Against Use of Chinese-made Phones (lien direct) | Lithuanian cybersecurity experts are urging the country's government agencies to abandon the use of Chinese smartphone brands after an investigation identified security vulnerabilities and censorship concerns with certain devices. | |||
|
2021-09-22 17:32:47 | Netgear Patches Remote Code Execution Flaw in SOHO Routers (lien direct) | A security vulnerability in Small Offices/Home Offices (SOHO) routers from Netgear could be exploited to execute arbitrary code remotely as root, according to security researchers at consulting firm GRIMM. | Vulnerability | ||
|
2021-09-22 15:02:05 | Many Hikvision Cameras Exposed to Attacks Due to Critical Vulnerability (lien direct) | More than 70 Hikvision camera and NVR models are affected by a critical vulnerability that can allow hackers to remotely take control of devices without any user interaction. | Vulnerability | ||
|
2021-09-22 14:00:59 | Remote Code Execution Vulnerability Found in AWS WorkSpaces (lien direct) | Rhino Security Labs researchers have identified a vulnerability in the AWS WorkSpaces desktop client that could allow an attacker to execute arbitrary code remotely. Tracked as CVE-2021-38112, the security bug could be triggered when the user opens a malicious WorkSpaces URI from the browser, allowing a remote attacker to execute arbitrary code on the vulnerable system. | Vulnerability | ||
|
2021-09-22 13:32:04 | Hundreds of Thousands of Credentials Leaked Due to Microsoft Exchange Protocol Flaw (lien direct) | Cybersecurity researchers have been able to capture hundreds of thousands of Windows domain and application credentials due to the design and implementation of the Autodiscover protocol used by Microsoft Exchange. | |||
|
2021-09-22 12:08:10 | Google Working on Improving Memory Safety in Chrome (lien direct) | Google this week shared some details on its long-term plan to improve memory safety in Chrome, while also announcing the first stable release of Chrome 94, which patches a total of 19 vulnerabilities. | |||
|
2021-09-22 11:40:22 | UK Minister Sorry Over Afghan Interpreters\' Data Breach (lien direct) | Britain's defense minister apologized and his ministry suspended an official Tuesday after a “significant” data breach involving the email addresses of dozens of Afghan interpreters hoping to settle in the U.K. | Data Breach | ||
|
2021-09-22 10:56:04 | Flaws in Nagios Network Management Product Can Pose Risk to Many Companies (lien direct) | Researchers have discovered nearly a dozen vulnerabilities in widely used network management products from Nagios. The flaws could pose a serious risk to organizations as these types of products can be a tempting target for malicious actors. | |||
|
2021-09-22 01:50:07 | White House Blacklists Russian Ransomware Payment \'Enabler\' (lien direct) | The Biden administration sought Tuesday to choke the finances of criminal ransomware gangs, announcing sanctions against a Russia-based virtual currency brokerage that officials say helped at least eight ransomware gangs launder virtual currency. | Ransomware | ||
|
2021-09-21 23:07:11 | VMWare Calls Attention to High-Severity vCenter Server Flaw (lien direct) | Cloud computing and virtualization technology giant VMWare on Tuesday shipped an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure. | |||
|
2021-09-21 17:59:09 | Russia-Linked Turla APT Uses New Backdoor in Latest Attacks (lien direct) | Security researchers at Cisco Talos have identified a new backdoor that Russian cyberespionage group Turla is believed to have been using in attacks since last year. | |||
|
2021-09-21 17:42:50 | Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang (lien direct) | Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos. | Ransomware Threat | ★★ | |
|
2021-09-21 14:23:27 | Providing Developers Value-Focused Feedback in Security Software Development (lien direct) | I recently wrote an article on attracting and retaining A-Players, and one of the key elements was to ensure that leadership share the mission with developers to create a sense of purpose. | Guideline | ||
|
2021-09-21 14:09:40 | OpenOffice Vulnerability Exposes Users to Code Execution Attacks (lien direct) | A buffer overflow vulnerability in Apache OpenOffice could be exploited to execute arbitrary code on target machines using malicious documents. | Vulnerability | ||
|
2021-09-21 12:51:31 | Details of 100M Visitors to Thailand Exposed Online: Research Firm (lien direct) | More than 106 million travellers to Thailand had their personal details exposed online in August, a cybersecurity research company that discovered the data said Monday, but the leak was quickly plugged by authorities. | |||
|
2021-09-21 11:40:32 | Identity Solutions Provider Saviynt Raises $130 Million (lien direct) | Identity and access governance solutions provider Saviynt on Monday announced that it has received a $130 million investment from HPS Investment Partners and PNC Bank. To date, the company has raised $170 million in funding. | |||
|
2021-09-21 11:05:03 | Ransomware Group Demands Millions From U.S. Farmer Cooperative (lien direct) | Cybercriminals are hoping to obtain millions of dollars from a major farmer cooperative in the United States after they breached its systems, encrypted files, and stole vast amounts of data. | |||
|
2021-09-21 03:45:05 | Attacks Targeting OMIGOD Vulnerability Ramping Up (lien direct) | Attackers are increasingly targeting a remote code execution vulnerability in the Open Management Infrastructure (OMI) framework that Microsoft released patches for earlier this month. | Vulnerability | ||
|
2021-09-20 19:06:06 | Apple Ships iOS 15 with MFA Code Generator (lien direct) | Apple on Monday rolled out a major refresh of its flagship iOS mobile platform, adding a built-in two-factor authentication code generator and multiple anti-tracking security and privacy features. | |||
|
2021-09-20 17:40:58 | Cybercriminals Linked to Italian Mafia Arrested by European Police (lien direct) | Spanish and Italian authorities have dismantled an organized crime group allegedly involved in online fraud, money laundering, and other illegal activities. | |||
|
2021-09-20 14:59:45 | EventBuilder Exposed Information of Over 100,000 Event Registrants (lien direct) | Event management company EventBuilder exposed files containing the personal information of at least 100,000 users who registered for events on its platform. | |||
|
2021-09-20 13:11:59 | Attackers Use Linux Binaries as Loaders for Windows Malware (lien direct) | Using Microsoft's Windows Subsystem for Linux (WSL), attackers have leveraged Linux binaries to load payloads into Windows processes, according to researchers with Black Lotus Labs, the threat intelligence unit of tech company Lumen. | Malware Threat | ||
|
2021-09-20 12:32:40 | Cyberattack on Alaska Health Department Linked to State-Sponsored Hackers (lien direct) | The Alaska health department has shared more information about the cyberattack detected earlier this year, and the organization says the attack was conducted by state-sponsored hackers. | |||
|
2021-09-20 11:49:17 | Ongoing Phishing Campaign Targets APAC, EMEA Governments (lien direct) | Government departments in at least 7 countries in the Asia-Pacific (APAC) and Europe, the Middle East and Africa (EMEA) regions have been targeted in a phishing campaign that has been ongoing since spring 2020. | |||
|
2021-09-20 11:14:52 | Indonesia Says No Evidence of Alleged Chinese Intel Hack (lien direct) | Indonesian authorities have found no evidence that the country's main intelligence service's computers were compromised, after a U.S.-based private cybersecurity company alerted them of a suspected breach of its internal networks by a Chinese hacking group, an official said. | Hack | ||
|
2021-09-20 10:26:33 | Nigerian Threat Actor Targeting Aviation Industry Since 2018 (lien direct) | A threat actor likely operating out of Nigeria has been engaged in various malicious campaigns for the past five years and it has mainly targeted the aviation industry for the last two, Cisco's Talos security researchers reveal. | Threat | ||
|
2021-09-17 16:39:33 | Credit Union\'s Legal Battle With Tech Giant Fiserv Rumbles On (lien direct) | Local credit union, Bessemer System Federal Credit Union (BSFCU), sued Fortune 500 tech giant Fiserv over 'amateurish security lapses' in 2019. Fiserv counterclaimed with a motion to dismiss, and Bessemer motioned to dismiss the counterclaim. | |||
|
2021-09-17 15:01:26 | AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data (lien direct) | Chipmaker AMD has patched a driver vulnerability that could allow an attacker to obtain sensitive information from the targeted system. | Vulnerability | ||
|
2021-09-17 13:38:08 | Operator of \'DownThem\' DDoS Attack Service Convicted (lien direct) | An Illinois man who operated an infamous online service allowing users to launch distributed denial-of-service (DDoS) attacks on selected targets was found guilty of three felonies. | |||
|
2021-09-17 13:21:34 | Pakistani Man Involved in AT&T Hacking Scheme Sentenced to Prison in U.S. (lien direct) | Muhammad Fahd, a 35-year-old Pakistani national, has been sentenced to 12 years of prison in the United States for his role in a scheme that involved illegally unlocking AT&T phones and hacking into the telecoms giant's systems. | |||
|
2021-09-17 12:53:32 | Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance (lien direct) | Microsoft on Thursday published additional guidance on addressing recently disclosed vulnerabilities in the Open Management Infrastructure (OMI) framework, along with new protections to resolve the bugs within affected Azure Virtual Machine (VM) management extensions. | |||
|
2021-09-17 12:19:38 | German Election Authority Confirms Likely Cyber Attack (lien direct) | Suspected hackers last month briefly disrupted the website of the authority running Germany's September 26 general election, a spokesman for the body told AFP Wednesday. | |||
|
2021-09-17 11:29:06 | U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have sounded the alarm over in-the-wild attacks targeting a recently disclosed vulnerability in Zoho's ManageEngine ADSelfService Plus product. | Vulnerability | ||
|
2021-09-17 11:23:42 | Court Rejects Lawsuit Against NSA on "State Secrets" Grounds (lien direct) | A divided federal appeals court has upheld the dismissal of an ACLU lawsuit challenging a portion of the National Security Agency's warrantless surveillance of Americans' international email and phone communications. | ★★★★★ | ||
|
2021-09-17 10:27:29 | Cybersecurity M&A Roundup for September 1-15, 2021 (lien direct) | 
|
|||
|
2021-09-16 20:14:21 | Endpoint Security Platform Kolide Banks $17 Million Investment (lien direct) | Endpoint security platform Kolide on Thursday announced that it has raised $17 million in Series B funding, for a total of $27 million raised to date. |
To see everything:
Our RSS (filtrered)
